AWS S3 GET 预签名 url 因 CORS 间歇性失败
[英]AWS S3 GET pre-signed url fails with CORS intermittently
问题描述
I'm generating a pre-signed url using java for an image stored in s3
我正在使用 java 为存储在 s3 中的图像生成一个预签名的 url
public String generateDownloadLink(String bucketName, String responseContentDisposition,
String key, int days) {
GetObjectRequest objectRequest =
GetObjectRequest.builder()
.bucket(bucketName)
.responseContentDisposition(responseContentDisposition)
.key(key).build();
GetObjectPresignRequest preSignRequest =
GetObjectPresignRequest.builder()
.signatureDuration(Duration.ofDays(days))
.getObjectRequest(objectRequest)
.build();
PresignedGetObjectRequest presignedRequest = this.s3Presigner.presignGetObject(preSignRequest);
return presignedRequest.url().toString();
The FE (react) then loads the image using an image tag as in the image below. FE(反应)然后使用图像标签加载图像,如下图所示。 This modal library also has a download button when opened in full screen -> the a tag element.这个模态库在全屏打开时也有一个下载按钮 -> a标签元素。 If the download button is pressed, it won't download anything because of a CORS error.如果按下下载按钮,它将不会因为 CORS 错误而下载任何内容。
This post explains why, though the solution can't be applied in my case.这篇文章解释了原因,尽管该解决方案不适用于我的情况。
Also, this happens intermittently and i can't figure out what is different in those cases.此外,这种情况会间歇性发生,我无法弄清楚在这些情况下有什么不同。 Sometimes I can see the thumbnail (aka the library does an initial GET to load the image and display it) and also after the modal is opened, I can download the image (aka the libray does another get with the a tag).有时我可以看到缩略图(又名库执行初始 GET 加载图像并显示它)并且在模式打开后,我可以下载图像(又名库用a标签执行另一个获取)。
Bucket CORS config存储桶 CORS 配置
[
{
"AllowedHeaders": [
"*"
],
"AllowedMethods": [
"PUT",
"GET",
"HEAD"
],
"AllowedOrigins": [
"http://localhost:3000",
"https://<my-host>"
],
"ExposeHeaders": [
"ETag"
],
"MaxAgeSeconds": 3000
}
3 个解决方案
解决方案1
2 2022-12-13 12:30:42
Try adding OPTIONS to the list of AllowedMethods in your CORS config.尝试将OPTIONS添加到 CORS 配置中的AllowedMethods列表中。 The CORS preflight request made from the browser(before the "real" request) uses OPTIONS http method, so it needs to be allowed.从浏览器发出的 CORS 预检请求(在“真实”请求之前)使用OPTIONS http 方法,因此需要允许。
解决方案2
2 2022-12-16 11:56:54
My suggestion would be to open the CORS policy up completely, if it begins to work then you can start to refine the access until you realize where the issue is:我的建议是完全开放 CORS 政策,如果它开始起作用,那么您可以开始优化访问,直到您意识到问题出在哪里:
[
{
"AllowedHeaders": [
"*"
],
"AllowedMethods": [
"*"
],
"AllowedOrigins": [
"*"
],
"ExposeHeaders": [
"*"
],
"MaxAgeSeconds": 3000
}
]
This is also a good blog on CORS which may help:这也是一个关于 CORS 的好博客,可能会有所帮助:
https://aws.amazon.com/blogs/media/deep-dive-into-cors-configs-on-aws-s3-how-to/ https://aws.amazon.com/blogs/media/deep-dive-into-cors-configs-on-aws-s3-how-to/
You can also try adding crossorigin param to your image tag:您还可以尝试将crossorigin参数添加到图像标签中:
<img src="my-img.s3.eu-west-2.amazonaws.com/img.png"
crossorigin="anonymous" />
解决方案3
1 2022-12-18 14:42:21
You can force the browser to make the img tag use a CORS request when loading by setting the crossorigin attribute :您可以通过设置crossorigin 属性强制浏览器使 img 标签在加载时使用 CORS 请求:
<img src="foo.s3.eu-west-2.amazonaws.com/bar/baz"
crossorigin="anonymous" />
This stops the browser from treating the image as "tainted", but should also force s3 to return the appropriate CORS response that can be properly cached by the browser.这会阻止浏览器将图像视为“受污染”,但也应该强制 s3 返回可以由浏览器正确缓存的适当 CORS 响应。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.